AWS Certified Solutions Architect – Professional SAP-C01 – Question152

The two policies that you attach to an IAM role are the access policy and the trust policy. The trust policy identifies who can assume the role and grants the permission in the AWS Lambda account principal by adding the _______ action.

A.
aws:AssumeAdmin
B. lambda:InvokeAsync
C. sts:InvokeAsync
D. sts:AssumeRole

Correct Answer: D

Explanation:

Explanation: The two policies that you attach to an IAM role are the access policy and the trust policy. Remember that adding an account to the trust policy of a role is only half of establishing the trust relationship. By default, no users in the trusted accounts can assume the role until the administrator for that account grants the users the permission to assume the role by adding the Amazon Resource Name (ARN) of the role to an Allow element for the sts:AssumeRole action.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_mod…